Latest CVE Feed
-
5.5
MEDIUMCVE-2021-28698
long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. In the process of carrying out certain actions, Xen would ite... Read more
- EPSS Score: %0.06
- Published: Aug. 27, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-28697
grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pag... Read more
- EPSS Score: %0.06
- Published: Aug. 27, 2021
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2021-28696
IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untran... Read more
- EPSS Score: %0.12
- Published: Aug. 27, 2021
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2021-28695
IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untran... Read more
- EPSS Score: %0.14
- Published: Aug. 27, 2021
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2021-28694
IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untran... Read more
- EPSS Score: %0.14
- Published: Aug. 27, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-28693
xen/arm: Boot modules are not scrubbed The bootloader will load boot modules (e.g. kernel, initramfs...) in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" the... Read more
Affected Products : xen- EPSS Score: %0.06
- Published: Jun. 30, 2021
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-28692
inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such comma... Read more
Affected Products : xen- EPSS Score: %0.04
- Published: Jun. 30, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-28691
Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed p... Read more
Affected Products : linux_kernel h410c_firmware cloud_backup h300s_firmware h500s_firmware h700s_firmware h410s_firmware h300s h410s h500s +8 more products- EPSS Score: %0.04
- Published: Jun. 29, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-28690
x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and pre... Read more
Affected Products : xen- EPSS Score: %0.36
- Published: Jun. 29, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-28689
x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement para... Read more
Affected Products : xen- EPSS Score: %0.08
- Published: Jun. 11, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-28688
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning u... Read more
- EPSS Score: %0.07
- Published: Apr. 06, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-28687
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initiali... Read more
Affected Products : xen- EPSS Score: %0.04
- Published: Jun. 11, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-28686
AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. This could enable low-privileged users to achieve Denial of Service via a DeviceIoControl.... Read more
Affected Products : gputweak_ii- EPSS Score: %0.06
- Published: Apr. 08, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-28685
AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines that map physical memory into the virtual address space of the calling process... Read more
Affected Products : gputweak_ii- EPSS Score: %0.04
- Published: Apr. 08, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-28684
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network (via an XXE attack).... Read more
Affected Products : powerarchiver- EPSS Score: %0.33
- Published: Jun. 21, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-28683
An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable NULL pointer dereference and crash in TLS when an unknown TLS alert code is received.... Read more
Affected Products : envoy- EPSS Score: %0.12
- Published: May. 20, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-28682
An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable integer overflow in which a very large grpc-timeout value leads to unexpected timeout calculations.... Read more
Affected Products : envoy- EPSS Score: %0.09
- Published: May. 20, 2021
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2021-28681
Pion WebRTC before 3.0.15 didn't properly tear down the DTLS Connection when certificate verification failed. The PeerConnectionState was set to failed, but a user could ignore that and continue to use the PeerConnection. )A WebRTC implementation shouldn'... Read more
- EPSS Score: %0.10
- Published: Mar. 18, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-28680
The devise_masquerade gem before 1.3 allows certain attacks when a password's salt is unknown. An application that uses this gem to let administrators masquerade/impersonate users loses one layer of security protection compared to a situation where Devise... Read more
Affected Products : devise_masquerade- EPSS Score: %0.32
- Published: Dec. 07, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-28678
An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.... Read more
- EPSS Score: %0.08
- Published: Jun. 02, 2021
- Modified: Nov. 21, 2024